We use cookies to customise content for your subscription and for analytics.If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

Our guest for episode 44 of the Steptoe Cyberlaw Podcast is Sal Stolfo, Professor at Columbia University’s Computer Science Department and CEO of Allure Software. Stolfo brings an attacker’s sensibility to network security approaches usually dominated by defensive thinking. His approach to computer security includes flooding the network with plausible fake documents wired to alarm when touched by a user. The alarm, in turn, shuts down a user’s access and prompts for a second form of authentication. Documents that are successfully exfiltrated persistently attempt to beacon back to the home network, betraying the attacker and his customers long after the hack. He’s already deploying some of these concepts commercially. It’s the kind of active defense even the Justice Department should love.

In our news roundup, This Week in NSA is dominated by speculation that the 215 program will never die. Conventional wisdom says that the metadata program will ride into the sunset on June 1, 2015. But a “transition” note could allow the program to last for years. Meanwhile, the NSA director, Admiral Mike Rogers, is warning that China and one or two other countries have the ability to bring down the electric grid in the United States.

Finally, in our first item derived from a listener request (h/t Lee Baumgardner), we look at the regulatorily challenged transport company, Uber, and its potential liability for a steady stream of privacy flaps, including its unwisely but appropriately named “God Mode.”